Part 1: A better way to handle authorization in ASP.NET Core – The Reformed Programmer

Resource | v1 | created by jjones |
Type Blog post
Created 2018-12-14
Identifier unavailable


I was asked by one of my clients to help build a fairly large web application, and their authentication (i.e. checking who is logging in) and authorization (i.e. what pages/feature the logged in user can access) is very complex. From my experience a knew that using ASP.NET’s Role-based approach wouldn’t cut it, and I found the new ASP.NET Core policy-based approach really clever but it needed me to write lots of (boring) policies. In the end I created a solution for my client and this article describes the authorization part – I call it Roles-to-Permissions (the name will make more sense as you read the article).


about ASP.NET Core authorization

ASP.NET Core authorization provides a simple, declarative role and a rich policy-based model. Authori...

Edit details Edit relations Attach new author Attach new topic Attach new resource
0.0 /10
useless alright awesome
from 0 reviews
Write comment Rate resource Tip: Rating is anonymous unless you also write a comment.
Resource level 0.0 /10
beginner intermediate advanced
Resource clarity 0.0 /10
hardly clear sometimes unclear perfectly clear
Reviewer's background 0.0 /10
none basics intermediate advanced expert
Comments 0
Currently, there aren't any comments.